1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Multiple Agents (browser) from same IP in 2 minutes

Discussion in 'Security' started by Claudek, Dec 28, 2006.

0
  1. #1
    Hello,

    Going through one of website logs, I noticed over 100 visits from 1 IP which had a multitude of Browser Agents. I am not sure what to make of this - whether it is a test of some sort or a probe of sorts to see what output is given depending on Agent.

    The details are as below:
    IP Address: 66.150.225.119
    Time Period: Date: Dec 28 07:19:49 - Dec 28 07:21:11


    Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt)
    Agent: Mozilla/4.0 (compatible; MSIE 5.0; Windows 98; DigExt; MRA 4.0 (build 00768))
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; http://www.tropicdesigns.net)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.1)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; MyIE2; MRA 4.4 (build 01348))
    Agent: Mozilla/5.0 (compatible; Googlebot/2.1;+http://www.google.com/bot.html)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0; Maxthon)
    Agent: Mozilla/5.0 (Windows NT 5.1; U) Opera 7.54 [ru]
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)
    Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 8.50

    I may have missed a couple of agents but the general idea can be seen.

    Any ideas on this would be appreciated. Last thing I need now is that site having issues.
     
    Claudek, Dec 28, 2006 IP
  2. LinkBliss

    LinkBliss Peon

    Messages:
    697
    Likes Received:
    15
    Best Answers:
    0
    Trophy Points:
    0
    #2
    I was going to mention that it's not odd, someone can open a site in IE and then decide to switch to using Firefox or vice versa, but that's a lot of clients!

    I would guess that it's a rendering test, perhaps they are snagging snapshots with each browser (or simulated browser?) to compare.

    Eric
     
    LinkBliss, Dec 28, 2006 IP
  3. lkj

    lkj Peon

    Messages:
    729
    Likes Received:
    17
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Could be a proxy daemon running on the server.......
     
    lkj, Jan 16, 2007 IP
  4. Qryztufre

    Qryztufre Prominent Member

    Messages:
    6,071
    Likes Received:
    491
    Best Answers:
    0
    Trophy Points:
    300
    #4
    The same thing just happened to my site, and one of the user agents claimed to be a googlebot.

    I'd assume it was some type of spammer. I've banned the IP address.

    66.150.225.119

    It came along with a few other numbers, as well... but *shrug*
    Q


    EDIT: I'm looking over my logs, and all of the IP's that hit my site all tried to log in at least once... there may be a connection *shrug*
     
    Qryztufre, Jan 26, 2007 IP